CISA

Security | Aug 21, 2023

The Big Interview: CISA’s $7 billion CDM program aims to run pan-federal cybersecurity. Is it delivering?

"We have gotten very smart on how to do business with agencies and build in flexibility into our contracting vehicles. We took an approach early on to divide and conquer..."

Networks | Jul 21, 2023

Citrix zero day used to attack critical infrastructure -- IOCs and detections now available

NetScaler vulnerability, CVE-2023-3519 IOCs

Attackers dropped a webshell, collected and exfiltrated Active Directory data, then ran into some healthy obstacles...

Security | Jul 13, 2023

Microsoft clams up over critical Azure key breach, security incident as attackers breach US agencies

Following a major security breach involving US federal agencies, Microsoft refuses to provide details on the incident

Security | Apr 10, 2023

Known exploited list: 15 million systems still exposed

... and probably shot to high heaven with malware.

Security | Mar 07, 2023

US agencies warn over "Royal" ransomware rise

Phishing is key threat vector and a Blue Team bête noire...

Security | Feb 22, 2023

IBM high speed file transfer software exploited by hackers

A pre-auth RCE in IBM Aspera Faspex is being exploited in the wild

Security | Jan 27, 2023

Critical controller bug could trigger traffic chaos: Software vendor ignores CISA outreach

One of 14 new advisories on vulnerable ICS software...

Security | Nov 21, 2022

Defending against Hive ransomware: It's time to use the attackers' tools

And, um, do you know how to restore from backup without Active Directory?

Security | Oct 24, 2022

GIGABYTE drivers are getting exploited warns CISA as 2018 bugs come back to bite

POCs have circulated for years...

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();